Mindlyst is an open-source project dedicated to transparency, privacy, and user protection. We respect your personal information and follow privacy-by-design principles. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the rights you have regarding that information. By using our open-source platform, you agree to the practices described in this policy.

  1. INTRODUCTION

  This Privacy Policy applies to the Mindlyst open-source software, its website, and related services (“Services”). Because Mindlyst may be self-hosted by anyone, certain data-handling practices may vary depending on the server operator. This document outlines the privacy standards followed by the official instance hosted at Mindlyst.org.

  2. DATA COLLECTED

  Mindlyst collects only the minimum information required to provide core functionality. We do not collect data unnecessarily or use it for commercial profiling.

    • Account Information (e.g., name, email) — only when registration is required.
    • Authentication Data — encrypted passwords or SSO tokens (never stored in plain text).
    • Usage Logs — minimal server logs for security, error detection, or performance optimization.
    • Optional Self-Reported Data — any assessment or mental-wellbeing inputs you voluntarily provide.
    • Technical Data — browser type, device type, or IP (standard web traffic logs).

    We do not collect: biometric data, ethnicity, religious identity, political identity, financial records, or any other sensitive personal attributes unless you voluntarily provide them.

  3. OPEN-SOURCE TRANSPARENCY

  Mindlyst’s codebase is publicly available. Anyone may review or audit how data is processed. We strongly support transparency, community auditing, and contributions that improve privacy and security.

  4. HOW WE USE YOUR DATA

  Your information is used only to:

    • Create and maintain your account
    • Provide platform features and personalized tools
    • Ensure system security and detect abuse
    • Improve the platform based on anonymized analytics
    • Respond to user requests or support queries

    We do not sell, rent, or trade your data. We do not use your information for advertising or marketing without your explicit consent.

  5. DATA STORAGE AND SECURITY

  All data is stored securely using encryption and industry-standard protocols. Because Mindlyst may be self-hosted, different operators may use different storage infrastructures. For the official instance (Mindlyst.org):

    • Passwords are hashed using strong encryption
    • All connections use SSL/TLS
    • Payment information (if any) is handled only by certified third-party processors

  6. COMMUNITY AND THIRD-PARTY INTEGRATIONS

  Mindlyst may integrate with optional third-party services such as Google, GitHub, or OAuth providers for authentication. These services share only the information required for login (e.g., email, profile ID). Each third-party provider has its own privacy policy, which users should review.

  7. COOKIES AND ANALYTICS

  We use minimal cookies necessary for:

    • Authentication
    • Session management
    • Basic analytics to improve performance

    We do not use invasive tracking, cross-site tracking, or advertising cookies. Users can disable analytical cookies at any time without affecting core functionality.

  8. YOUR RIGHTS

  You have full control over your data. You may:

    • Access your personal data
    • Request correction or deletion
    • Download/export your data
    • Withdraw consent
    • Request full account deletion and data anonymization

  9. OPEN-SOURCE SELF-HOSTING NOTICE

  If you are using a self-hosted deployment of Mindlyst, the server administrator—not the Mindlyst development team—is responsible for data handling, storage, and compliance. This policy applies only to official servers maintained by the Mindlyst team.

  10. SECURITY PRACTICES

  Mindlyst implements security using open-source standards, regular community audits, encryption, and responsible disclosure policies. While we strive for strong protection, no online system can guarantee absolute security.

  11. LEGAL COMPLIANCE

  We may disclose data only when required by applicable law, valid legal request, or urgent protection of user safety. We never voluntarily disclose user data to any government entity.

  12. CHANGES TO THIS POLICY

  We may update this policy when needed. All changes will be published openly on our website and documented in the project repository with version history for transparency.

  13. CONTACT INFORMATION

  If you have questions about this Privacy Policy or wish to exercise your data rights, contact us:

    hello@Mindlyst.org
    (your GitHub/GitLab link)